Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/D80ABAE0B0F811E595E0F761C4F9AE02.roa
File: D80ABAE0B0F811E595E0F761C4F9AE02.roa (raw, json)
Hash identifier: zlRoAfBvEWm+ICqeN72JyYaPMqWwx3agcrGPpHWXNEA=
Subject key identifier: 99:AC:D7:04:49:CE:F0:D4:C0:8F:F8:49:06:6C:26:01:AB:CD:5A:E3
Certificate issuer: /CN=A91474C3/serialNumber=F3FEF462A4D8E2F7FA0735A6AB645EE5635DA8F2
Certificate serial: 34E3
Authority key identifier: F3:FE:F4:62:A4:D8:E2:F7:FA:07:35:A6:AB:64:5E:E5:63:5D:A8:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8_70YqTY4vf6BzWmq2Re5WNdqPI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/D80ABAE0B0F811E595E0F761C4F9AE02.roa
Signing time: Thu 10 Apr 2025 14:50:11 +0000
ROA not before: Thu 10 Apr 2025 14:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38186
IP address blocks: 27.50.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/8_70YqTY4vf6BzWmq2Re5WNdqPI.crl
rsync://rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/8_70YqTY4vf6BzWmq2Re5WNdqPI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8_70YqTY4vf6BzWmq2Re5WNdqPI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 22:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13539 (0x34e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91474C3, serialNumber=F3FEF462A4D8E2F7FA0735A6AB645EE5635DA8F2
Validity
Not Before: Apr 10 14:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67f7daa3-355e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5d:f3:2c:62:07:c2:23:7d:9e:ac:f8:c6:d6:
61:84:0d:bb:b8:48:91:53:ad:69:e1:d9:27:fc:2e:
b8:8f:61:d1:54:32:cd:6d:0a:5f:ea:cf:81:62:2a:
78:8e:bf:a2:b8:4a:15:7a:55:79:ab:cb:bc:75:4b:
f4:81:81:40:8a:b7:ef:57:ca:59:5a:9b:5c:e7:63:
c2:3b:be:09:bf:ab:7e:60:3d:9a:5f:0c:ba:9e:57:
b6:59:73:5d:df:60:26:c5:ec:e2:c1:25:60:cd:82:
70:c9:61:a7:df:e6:98:e0:c0:0b:48:47:96:de:fd:
f4:5e:6d:a4:cb:f7:64:d7:88:a0:bb:59:33:a2:6d:
70:da:a4:9c:93:c5:9b:e6:f3:a7:4c:d8:02:f8:8b:
16:0d:26:f0:37:27:a6:08:66:1d:97:c5:90:08:4f:
82:d6:0c:00:ba:6e:73:41:98:04:d2:0d:83:ab:f6:
4f:a3:1c:e5:5b:87:b8:81:8c:4e:92:65:2b:d5:28:
6d:d4:a2:01:7f:28:61:4d:ff:9f:0a:89:30:5e:97:
9c:90:63:6d:cb:96:8f:2e:3f:c3:8b:8b:a0:4e:3d:
89:27:cb:a0:5d:2d:87:75:ed:43:fa:c7:77:00:fa:
34:18:2d:fe:17:78:40:b3:af:9f:68:e6:84:a8:cb:
d8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:AC:D7:04:49:CE:F0:D4:C0:8F:F8:49:06:6C:26:01:AB:CD:5A:E3
X509v3 Authority Key Identifier:
keyid:F3:FE:F4:62:A4:D8:E2:F7:FA:07:35:A6:AB:64:5E:E5:63:5D:A8:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/8_70YqTY4vf6BzWmq2Re5WNdqPI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8_70YqTY4vf6BzWmq2Re5WNdqPI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91474C3/6F8B52A01D7011E2BC11DAB408B02CD2/D80ABAE0B0F811E595E0F761C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.50.32.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:2a:32:73:75:12:51:9a:dd:6e:b5:b6:cb:15:f7:72:f6:7d:
90:7e:f0:0b:4c:5a:cd:2d:cf:4a:44:ca:5e:18:fe:cb:04:75:
d4:90:d5:d2:65:d9:dc:16:ed:d9:24:53:6b:b1:10:7e:fe:d2:
a3:a1:10:eb:13:bf:25:31:f4:7a:58:cc:60:6a:ce:1d:03:63:
39:c7:5d:da:2a:1b:2e:f4:c7:af:5c:26:59:9b:1e:0a:f6:ef:
9c:67:d1:87:e0:35:d3:c6:b4:b5:98:00:14:f2:15:ff:07:c1:
05:54:da:1c:bb:a4:0a:cf:67:57:45:20:3f:76:9c:e1:c2:b4:
23:36:c3:44:50:23:4b:61:63:5d:6c:df:6a:f4:35:77:19:5f:
c8:25:7e:e0:9a:33:88:72:ab:7f:51:e5:8f:5a:68:c7:67:81:
00:39:86:74:a2:3d:14:58:e8:bd:fb:26:39:3b:11:1f:9f:c2:
1e:b9:44:86:a5:78:4a:28:1e:47:0a:aa:97:4c:ce:58:88:cc:
a6:c6:65:a3:e3:26:b7:3b:d1:4c:a4:18:fb:6a:32:60:f9:e8:
9c:b4:97:f8:eb:79:36:63:79:cf:79:8e:66:2c:7d:1d:8f:18:
7d:a3:ae:5d:d5:3e:0d:4d:9f:bf:44:f4:1c:8e:63:6f:cf:aa:
3c:0e:8a:79
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc0QzMxMTAvBgNVBAUTKEYzRkVGNDYyQTREOEUyRjdGQTA3MzVBNkFCNjQ1RUU1
NjM1REE4RjIwHhcNMjUwNDEwMTQ1MDExWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y3ZGFhMy0zNTVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1F3zLGIHwiN9nqz4xtZhhA27uEiRU61p4dkn/C64j2HRVDLNbQpf6s+BYip4
jr+iuEoVelV5q8u8dUv0gYFAirfvV8pZWptc52PCO74Jv6t+YD2aXwy6nle2WXNd
32AmxeziwSVgzYJwyWGn3+aY4MALSEeW3v30Xm2ky/dk14igu1kzom1w2qSck8Wb
5vOnTNgC+IsWDSbwNyemCGYdl8WQCE+C1gwAum5zQZgE0g2Dq/ZPoxzlW4e4gYxO
kmUr1Sht1KIBfyhhTf+fCokwXpeckGNty5aPLj/Di4ugTj2JJ8ugXS2Hde1D+sd3
APo0GC3+F3hAs6+faOaEqMvYCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJms1wRJ
zvDUwI/4SQZsJgGrzVrjMB8GA1UdIwQYMBaAFPP+9GKk2OL3+gc1pqtkXuVjXajy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzRDMy82RjhCNTJBMDFE
NzAxMUUyQkMxMURBQjQwOEIwMkNEMi84XzcwWXFUWTR2ZjZCeldtcTJSZTVXTmRx
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhfNzBZcVRZNHZmNkJ6V21xMlJlNVdOZHFQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc0QzMvNkY4QjUyQTAxRDcwMTFFMkJDMTFEQUI0MDhCMDJDRDIvRDgwQUJBRTBC
MEY4MTFFNTk1RTBGNzYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAbMiAwDQYJKoZIhvcNAQELBQADggEBAKwqMnN1ElGa3W61
tssV93L2fZB+8AtMWs0tz0pEyl4Y/ssEddSQ1dJl2dwW7dkkU2uxEH7+0qOhEOsT
vyUx9HpYzGBqzh0DYznHXdoqGy70x69cJlmbHgr275xn0YfgNdPGtLWYABTyFf8H
wQVU2hy7pArPZ1dFID92nOHCtCM2w0RQI0thY11s32r0NXcZX8glfuCaM4hyq39R
5Y9aaMdngQA5hnSiPRRY6L37Jjk7ER+fwh65RIaleEooHkcKqpdMzliIzKbGZaPj
Jrc70UykGPtqMmD56Jy0l/jreTZjec95jmYsfR2PGH2jrl3VPg1Nn79E9ByOY2/P
qjwOink=
-----END CERTIFICATE-----
Generated at Mon Apr 14 19:38:35 2025 by rpki-client